Ars Technica

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April

The file is named .RAR to make it look like you need a RAR utility to open it. Once WinRAR opens it it identifies it as a ZIP file. The write up doesn't fully describe the bug but it looks like an ...
TechRadar

Dangerous new malware exploits WinRAR flaw - here's what we know

Amaranth Dragon, linked to APT41, joins groups exploiting WinRAR CVE-2025-8088 Targets include organizations across Southeast Asia, using custom loaders and Cloudflare-masked servers Vulnerability ...